Requirements for Portable Shellcode

Portable shellcode must be fully relocatable (in other words, it must remain usable at any location in memory). In addition, it must use as few system-dependent auxiliary structures as possible, relying only on the least changeable and best-documented ones.

When developing portable shellcode, it is unacceptable to rely on the contents of the CPU registers at the moment of overflow, because their values are generally undefined. This approach can be chosen only out of desperation, when the shellcode obstinately refuses to fit the space (in bytes) allocated to it and the hacker must improvise, sacrificing portability.

Hackers who want to write portable shellcode must forget about cunning tricks (also known as hacks) and other types of "aerobatics," including undocumented features. Using these harms portability without providing any benefit in exchange. To illustrate, recall an old anecdote about two programmers. The first one boasts: "My program is a hundred times more elegant, faster, and more compact than yours!" The second programmer reasonably answers: "But my program works, in contrast to yours." The common opinion that hacking is an art is true, but it does not apply particularly well to this case. Cunning tricks are available to everyone who has read hacking manuals. However, not everyone is capable of sending the shellcode to the server without making it freeze or crash.



Shellcoder's Programming Uncovered (Uncovered series)
ISBN: 193176946X
Year: 2003
Pages: 164
